Adding USER_ID and GROUP_ID to specify permission without making breaking change (#882)

* fixing permissions to be able to run springboot with given UID and GID * Adding USER_ID and GROUP_ID to specify permission without making breaking change * move su exec to start.sh --------- Co-authored-by: Aditya Chandel <8075870+adityachandelgit@users.noreply.github.com>
2025-12-23 14:20:48 -05:00 · 2025-09-06 07:00:48 +02:00
parent af622d9f75
commit 7604fa7fa0
5 changed files with 9 additions and 9 deletions
--- a/2
+++ b/2
@@ -27,7 +27,7 @@ RUN gradle clean build -x test
 # Stage 3: Final image
 FROM eclipse-temurin:21-jre-alpine
-RUN apk update && apk add nginx gettext
+RUN apk update && apk add nginx gettext su-exec
 COPY ./nginx.conf /etc/nginx/nginx.conf
 COPY --from=angular-build /angular-app/dist/booklore/browser /usr/share/nginx/html
--- a/README.md
+++ b/README.md
@@ -101,8 +101,8 @@ ### 2️⃣ Create docker-compose.yml
    # image: ghcr.io/booklore-app/booklore:latest
    container_name: booklore
    environment:
-      - PUID=1000
+      - USER_ID=0  # Modify this if the volume's ownership is not root
-      - PGID=1000
+      - GROUP_ID=0 # Modify this if the volume's ownership is not root
      - TZ=Etc/UTC
      - DATABASE_URL=jdbc:mariadb://mariadb:3306/booklore   # Only modify this if you're familiar with JDBC and your database setup
      - DATABASE_USERNAME=booklore                          # Must match MYSQL_USER defined in the mariadb container
--- a/booklore-api/src/main/java/com/adityachandel/booklore/service/upload/FileUploadService.java
+++ b/booklore-api/src/main/java/com/adityachandel/booklore/service/upload/FileUploadService.java
@@ -64,10 +64,10 @@ public class FileUploadService {
    private final AdditionalFileMapper additionalFileMapper;
    private final MonitoringService monitoringService;
-    @Value("${PUID:0}")
+    @Value("${PUID:${USER_ID:0}}")
    private String userId;
-    @Value("${GUID:0}")
+    @Value("${PGID:${GROUP_ID:0}}")
    private String groupId;
    public Book uploadFile(MultipartFile file, long libraryId, long pathId) throws IOException {
--- a/example-docker/.env
+++ b/example-docker/.env
@@ -4,11 +4,11 @@
 BOOKLORE_IMAGE_TAG=latest
 # User and Timezone Settings
-# PUID and PGID define the user/group running the container.
+# USER_ID and GROUP_ID define the user/group running the backend service.
 # Avoid using "user" property because system won't work with it.
 # TZ sets the timezone for correct time-related operations.
-PUID=1000      # Default user ID (Check with `id -u` on Linux/Mac)
+USER_ID=0      # Default root user ID (Check with `id -u` on Linux/Mac)
-PGID=1000      # Default group ID (Check with `id -g` on Linux/Mac)
+GROUP_ID=0      # Default root group ID (Check with `id -g` on Linux/Mac)
 TZ=Etc/UTC     # Change this to your timezone (e.g., America/New_York, Asia/Kolkata)
 # Database Credentials (Replace with a secure password)
--- a/start.sh
+++ b/start.sh
@@ -15,4 +15,4 @@ mv "$TMP_CONF" /etc/nginx/nginx.conf
 nginx -g 'daemon off;' &
 # Start Spring Boot in foreground
-exec java -jar /app/app.jar
+su-exec ${USER_ID:-0}:${GROUP_ID:-0} java -jar /app/app.jar